AS Ühisteenused – Court Ruling (Estonia, 2024)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
A court ruled that AS Ühisteenused could not keep a debt claim against a person because the claim was too old. The person sold their car and didn't know about the parking violation, so the court decided the debt should be removed. This case shows that companies need to be careful about how long they keep personal data related to debts.
What happened
A court found that AS Ühisteenused's claim for a parking violation was time-barred and should be deleted.
Who was affected
The person who sold their car and was unaware of the parking violation was affected.
What the authority found
The court ruled that the debt claim was too old to enforce, meaning AS Ühisteenused could not keep the person's information.
Why this matters
This ruling highlights the importance of timely data management for companies. Businesses should regularly review their records to ensure they are not holding onto outdated information.
GDPR Articles Cited
View original scraped data
Original data from scraper before AI verification against source document.
The data subject brought an action against AS Ühisteenused, a company providing parking services ('controller 1'). The company that made a claim against the data subject arising from a contractual penalty in the amount of €79,57 for a car parking violation. According to a debt notice of 29 April 2022 sent to the data subject, the violation occurred on the 17 April 2019 and the penalty was to be paid by 2 May 2019. The data subject sold the car on 27 August 2019, and was not aware of AS Ühisteenused's parking regulations or the alleged violation on 17 April 2019, as they did not personally use the car. On 25 March 2022, AS Ühisteenused and Julianus Inkasso OÜentered, a debt collection company (‘controller 2’) entered into an agency agreement on the basis of which and Julianus Inkasso OÜ was authorized to represent AS Ühisteenused in the recovery of the debt owed by the data subject. As two controllers jointly determined the purposes and means of processing, they became joint controllers under Article 26 GDPR. As a result, the data subject’s debt was published on the website taust.ee (eng translation: background.ee) by Julianus Inkasso OÜ. On 29 May 2022, the data subject requested both controllers to stop processing their personal data and delete them from the website. According to [https://www.riigiteataja.ee/akt/106072023098 §146 of the Estonian Civil Code], the expiry date for the request arising from a violation of the law is three years. Since the penalty was to be paid by 2 May 2019, the three-year deadline expired on 3 May 2022 and the claim was therefore time-barred. Therefore, the data subject asked a court to order the controller 2 to delete the debt information linked to them and to pay €270 by way of damages for per-litigation legal costs. In its reply, controller 1 stated that they have a right to disclose this type of data. In particular, under [https://www.riigiteataja.ee/akt/104012019011 § 10(2)(5) of the Estonian Data Protection Act], the transf
Outcome
Court Ruling
A ruling by a national court on a data-protection matter.
Related Cases (0)
No other cases found for AS Ühisteenused in EE
This is the only recorded case for this entity in this jurisdiction.
Details
About this data
Cite as: Cookie Fines. AS Ühisteenused - Estonia (2024). Retrieved from cookiefines.eu
Last updated: